Lucene search

UbuntuUSN-201-1

HistoryOct 12, 2005 - 12:00 a.m.

SqWebmail vulnerabilities

2005-10-1200:00:00

ubuntu.com

6.7 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.016 Low

EPSS

Percentile

87.4%

JSON

Releases

Ubuntu 5.04
Ubuntu 4.10

Details

Several Cross Site Scripting vulnerabilities were discovered in
SqWebmail. A remote attacker could exploit this to execute arbitrary
JavaScript or other active HTML embeddable content in the web browser
of an SqWebmail user by sending specially crafted emails to him.

Please note that the “sqwebmail” package is not officially supported
by Ubuntu (it is in the “universe” section of the archive).

OSVersionArchitecturePackageVersionFilename
Ubuntu5.04noarchsqwebmail< *UNKNOWN
Ubuntu4.10noarchsqwebmail< *UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	5.04	noarch	sqwebmail	< *	UNKNOWN
Ubuntu	4.10	noarch	sqwebmail	< *	UNKNOWN

References

ubuntu.com/security/CVE-2005-2724

ubuntu.com/security/CVE-2005-2769

ubuntu.com/security/CVE-2005-2820

6.7 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.016 Low

EPSS

Percentile

87.4%

JSON

Related for USN-201-1